On Fri, Aug 6, 2010 at 11:06 AM, Kevin Chadwick <ma1l1i...@yahoo.co.uk> wrote: > Does anyone know if the following patch is a good idea for OpenBSD or > simply never needed no matter how many mails you process. > > http://vorlon.cwru.edu/~tmb2/qmail-1.03/qmail-1.03-maildir-uniq.patch
I would not use that patch. There are some sloppy mistakes (e.g., not correctly mangling hostnames to spec), so it makes me nervous whether or not the author made sure the fntmptph and fnnewtph buffers are large enough for his new string formats. They're certainly not if an attacker controlled what gethostname(3) returns, but that's a bit of a stretch...
